Method of distributing a decryption key in fixed-content data

ABSTRACT

Secondary content in encrypted for distribution to client terminals by selecting at least a portion of raw encrypted audio-video data (REAVD) that is provided on a media article as an encryption key, encrypting secondary content using the encryption key, and storing encrypted secondary content at a remotely located host. The media article can then be used for providing access to the encrypted secondary content to client terminals by receiving encrypted secondary content at a client terminal, extracting a decryption key from a media article encoded with REAVD, the decryption key being determined by at least a portion of the REAVD, using the decryption key to decrypt the secondary content, and outputting the decrypted secondary content from the client terminal.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority pursuant to 35 U.S.C. §119(e) to U.S.provisional application Ser. No. 60/908,738, filed Mar. 29, 2007, whichis hereby incorporated by reference in its entirety.

BACKGROUND

1. Field of the Invention

The present invention relates to management of digital content, and inparticular, to systems and methods for providing protected digitalcontent to authorized users.

2. Description of Related Art

Piracy is a significant concern among digital content providers. Withthe ubiquity of high speed Internet connectivity, transfers anddownloads of even high definition quality movies can easily and rapidlybe accomplished over networks. Moreover, the electronic delivery ofdigital content removes several barriers to pirating. One barrier thatis removed is any requirement for the user to purchase a tangiblearticle, such as CD and DVD disks, containing the digital content.Another barrier is the digital format of the content itself. Becausethere is no degradation in quality of copied digital content, there isno perceived disadvantage to using original versus pirated digitalcontent. Copyrighted digital content of all types is regularly piratedon a massive scale, demonstrating the failure of present technology toprevent unauthorized copying.

Digital content providers have responded to the threat of digital piracyby implementing various strategies to discourage or prevent unauthorizedaccess and copying. One such strategy is to provide incentives forconsumers to purchase original DVD disks by including value-addedcontent that is not otherwise available to the public. The problempersists, however, in that the original DVD disks themselves can bepirated. To that end, a copy protection requirement, known as thecontent scrambling system (CSS), is implemented in the DVD standards toprevent unauthorized copying of video files directly from the disc. CSSaccomplishes this by scrambling certain sectors containing audio-videodata in such a way that the data cannot be used to recreate a validsignal. The scrambled sectors are encrypted with a title key stored inthe sector header and a disc key which is hidden in the control area ofthe disc and is not directly accessible.

The CSS algorithm and keys were supposed to remain secret, but in 2000,computer hackers were able to reverse engineer the algorithm and deriveall of the keys. Still, CSS and other content-protection schemes forDVD, Blu-Ray, and other digital media often prevent the average userfrom using a computer to copy a DVD movie or other digital content, andperfect unauthorized DVD copies are rare or non-existent. Instead, manypirated copies of DVD's are generated using what is sometimes referredto as the “analog hole” to create digital copies from the analog outputof a player device. Even digital pirated copies can often be detected bysmall differences in digital data that may or may not affect the copies'playability and analog output. Absolute content protection is perhapsunrealistic, as a completely foolproof copy protection method would makeit impossible to use the disc. If you can see it or hear it, you cancopy it. There is therefore a need for digital content providers to beable to provide a more secure distribution system for digital contentthat protects the rights of content owners by further encouragingcustomers to purchase original authorized copies of content and providesgreater copyright protection for downloadable content.

SUMMARY

Various systems and methods are disclosed herein for encouraging thepurchase of authorized copies of original content by including bonussecondary content and also for providing a more secure distributionsystem for the bonus secondary content. This may be accomplished byselecting a decryption key that is determined by at least a portion ofthe raw encrypted audio-video data (“REAVD”) that is provided on anoriginal media article, such as an optical DVD disc, Blu-Ray disc,CD-ROM or a memory device. As used herein, “REAVD” may includeincidental bits that are not used directly to create audio-video outputor that are not encrypted, for example, a sector header or decryptionkey integrated with encrypted audio-video data. Conversely, as usedherein, “REAVD” excludes data that is not primarily comprised of bitsthat are used to generate an audio-video output signal when played by acompatible media player device. The REAVD may be itself encrypted usinga key that is not the decryption key. As used herein, “audio-video”refers to data or a signal for producing sounds and images recognizableby a human being as images of a real or imaginary scene, and excludesmerely random, chaotic or machine-only recognizable sounds and images.The decryption key may be extracted from different data segments on themedia article and may be used at a client terminal to decrypt encryptedsecondary content. Different data reconstruction protocols may beprovided to extract the decryption key for the same media article.

A portion or all of the REAVD that is used to determine the decryptionkey may read from a segment of the media article that cannot be copiedto a writable media article copy using a consumer CD/DVD burner or otherconsumer copying device. For example, discs manufactured according tothe DVD standard can include encoded data on a physical portion of thedisc that cannot be written to a copy made using a consumer DVD burner.A molded disc, in other words, can be made that holds more data than canbe burned onto a writable disc. Thus, the method may be configured toensure that only those who possess original authorized copies of the DVDdisc are able to decrypt the encrypted secondary content. It isunderstood that the methods and systems disclosed herein are not limitedto a particular hardware or software architecture for carrying out thesteps described herein.

In one embodiment, a method for using a media article for providingaccess to encrypted secondary content at a client terminal is provided.The method comprises receiving encrypted secondary content at a clientterminal; extracting a decryption key from a media article encoded withraw encrypted audio-video data (“REAVD”), the decryption key beingdetermined by at least a portion of the REAVD; using the decryption keyto decrypt the encrypted secondary content; and outputting the decryptedsecondary content from the client terminal.

In accordance with one aspect of the technology, the client terminal mayreceive the encrypted secondary content from a remote host, a secondmedia article, or both.

In accordance with another aspect of the technology, the decryption keymay be determined by different portions of encoded REAVD located ondifferent segments of the media article. The decryption key may also befurther determined by one or more REAVD data segments which areunwritable using a copying device, one or more data segments whichrelate to the encryption status of the media article, or both.

In accordance with yet another aspect of the technology, the decryptionkey may be determined by the entirety of the data on the media articlewith a one-to-one mapping of the encrypted secondary content and thedata on the media article, or any combination of the foregoing. Theone-to-one mapping may be, for example, an exclusive “OR” operation withthe encrypted secondary content to produce decrypted secondary content,or the addition/subtraction of the DVD REAVD data in segregated bits,bytes, or other bit groups from the digital data of the encryptedsecondary content to produce decrypted secondary content.

In accordance with a further aspect of the technology, outputting thedecrypted secondary content from the client terminal may includedownloading the secondary content on a memory associated with the clientterminal, displaying the secondary content on a display associated withthe client terminal, or both.

In another embodiment, a method for encrypting secondary content fordistribution to client terminals may be provided. The method comprisesselecting at least a portion of REAVD that is provided on a mediaarticle as an encryption key; encrypting secondary content using theencryption key; and storing encrypted secondary content at a remotelylocated host.

In accordance with one aspect of the technology, the method may furthercomprise any one or more of the following: receiving a request from aclient terminal for secondary content and delivering encrypted secondarycontent to the client terminal. The encrypted secondary content may bedecrypted by the client terminal using a decryption key determined by atleast a portion of the REAVD provided on the media article that is readby the client terminal. The decryption key may further include one ormore data segments which are unwritable using a copying device.

In accordance with another aspect, the encryption key and the decryptionkey may be identical or different.

Other objects, features and advantages of the present invention willbecome apparent to those skilled in the art from the following detaileddescription.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic diagram showing the interaction between the clientterminal and the source node, and the resulting transmission ofencrypted secondary content to the client terminal.

FIG. 2 is a schematic diagram showing the use of two media discs toprovide access to encrypted secondary content residing on one of themedia discs.

FIG. 3 is a flow chart showing the steps performed by a source node inencrypting secondary content.

FIGS. 4A-4B are block diagrams illustrating selection of a REAVDencryption key from data encoded on a media article.

FIG. 5 is a flow chart showing the steps of performed by a clientterminal in obtaining access to encrypted secondary content from thesource node.

Like numerals refer to like parts throughout the several views of thedrawings.

DETAILED DESCRIPTION

Exemplary methods and systems for selecting and distributing adecryption key used to decrypt secondary content are disclosed herein.In the detailed description that follows, like element numerals are usedto denote like elements that appear in the figures.

FIG. 1 is a schematic diagram showing a system 100 embodying anexemplary aspect of the disclosed technology. A client terminal 102plays an original or an authorized copy of a media disc, tape, device orother tangible media article 103 containing raw encrypted audio-videodata REAVD, such as, for example, a television episode or motionpicture. Media article 103 may be configured such that the REAVD encodedon it generates audio-video output, for example, the television episodeor motion picture, when the media article is played in a suitableplayer. As used herein, a “media article” refers to an individual objector electronic storage device on which digital audio-video data isstored. Client terminal 102 may comprise a general-purpose computer,specialized media player (e.g., DVD, Blu-Ray, or other player), portablemedia player, cellular telephone with broadband media capability, or anyother client that is capable of reading the media article 103 andcommunicating with a source node 106 for secondary content. Suitablemedia article 103 may comprise, for example, an imprinted DVD, HD-DVD,or Blu-Ray disc. An imprinted media article 103 may advantageouslyinclude data that cannot be written to a disk copy using a consumermedia burner, preferably because of inherent limitations of writablemedia discs. Thus, to the extent that media 103 comprises a perfect copyof an authorized released media article, it may be assumed with a highdegree of certainty that the copy is authorized and not pirated. On theother hand, to the extent that media 103 does not comprise a perfectcopy of an authorized released media article, it likely will not beuseful for decrypting secondary content.

The client terminal 102 may request additional or bonus secondarycontent 110 residing at a source node 106 over a wide area network 104.The additional secondary content 110 is different and distinct fromcontent encoded on or in the tangible media article 103. The additionalcontent 110 is not encoded on the media article 103. The source node 106may respond by sending an encrypted copy of the secondary content 112 tothe client terminal 102, where the encrypted secondary content may bedecrypted based on at least a portion of the REAVD residing on the DVDdisc. After being decrypted, an audio-video output may be provided fromthe decrypted secondary content, using an output device of the clientterminal 102, such as display screen 105. In the alternative, terminal102 may store the decrypted secondary content for future use, ortransmit the decrypted secondary content to another device.

In accordance with this embodiment, for example, a user may purchase aDVD disc containing selected episodes of a television series. The REAVDcontained in the DVD disc for the television episodes may be used toprovide the decryption key for secondary content which may be, forexample, a new episode of the current season that is being broadcast andnot yet available on any DVD or other media disc. The user may insertthe DVD disc into a client terminal to play it. One of the user optionsprovided during play of the DVD disc may include an option to view ordownload additional content from an online source. By selecting such anoption, the user may cause the client computer to download or stream theencrypted new episode, the secondary content, from the source nodethrough the Internet. Since the new episode would be encrypted againstthe decryption key on the DVD disc for season one, only those who havean authorized or perfect copy of that DVD disc would be able to decryptand view the new episode.

FIG. 2 is a schematic diagram showing another embodiment of the system200. In accordance with this embodiment, two or more media discs orother media articles 202, 204 may be used to provide access to encryptedbonus content 206 residing on or more of the media discs. The decryptionkey for the encrypted bonus content would be determined based on theREAVD on two or more media discs, and this decryption key may be used toprovide the user access to otherwise hidden or inaccessible secondary orbonus content either from one of the media discs or alternatively, froma remotely located source node.

FIG. 3 is a flow chart 300 showing exemplary steps that may be performedby a source node in encrypting secondary content for subsequentdistribution to authorized client terminals. A media disc, such as a DVDor Blu-Ray disc, may contain REAVD as well as various keys hidden inareas of the disc which are not writable using a consumer media-writingdevice, for example,a DVD ROM drive or other media writing device. Suchareas may include the sector header, the control area of the disc in thelead-in, which cannot be copied using a consumer copying device.Preferably, the media disc is in a “write once, read many format” thatcannot readily be erased and rewritten.

One of the first steps may be to select or otherwise define at least aportion of the REAVD encoded on or in the digital media article as anencryption key 302 for secondary content to be released to holders ofauthorized copies of the media article. The selected REAVD may includesvarious keys relating to the encryption status of the disc and to alsoto those hidden in the uncopyable areas of the disc. The selected REAVDmay include all of the REAVD encoded on the media article, or somesubstantial portion of it that is not readily copied. Thus, even ifsomeone duplicated the disc, any change in the encryption status of theunderlying disc (e.g., a decrypted copy or analog-to-digital copy) wouldchange the value of the encoded data such that it would becomeimpossible to recover the REAVD used as an encryption key, therebypreventing the proper decryption key from being extracted from thetangible media article. Even a raw data copy of the DVD disc shouldstill be unusable as a decryption key, so long as portions of the datamaking up the selected REAVD encryption key reside on a portion of adisc cannot be copied by the relevent consumer DVD/CD, Blu-Ray, or othermedia burners.

The REAVD encryption key may be defined or selected so as to berelatively massive relative to the secondary content to beencrypted/decrypted using the key. “Relatively massive” as used hereinmeans at least 1000 times larger than conventional 128 bit or 256 bitkeys (i.e., no less than 128,000 bits). More preferably, however, theREAVD encryption key is of a relatively massive size (i.e., number ofbits) comparable to the number of bits in the secondary content to beencrypted using the REAVD key. For example, if the secondary content isexactly 300 megabytes (2.4×10⁹ bits) in size, the selected REAVD key mayalso be 300 megabytes in size, depending on the selectedencryption/decryption method. Certain one-to-one reversible transforms,for example, an exclusive “OR” operation, are readily used with an keythat is exactly the same size as the encrypted secondary data. Othertransforms may easily be adopted that operate with other than a 1:1mapping, such as a 2:1 transform, 1:2 transform, or any other transformrequiring a relatively massive key. The present technology is notlimited to a particular transform ratio or transform method.

FIG. 4A is a block diagram illustrating an algorithm for selection of aREAVD encryption key from a playable media article such as a molded DVDor Blu-Ray disc used to generate audio-video output. The area inside therectangle 210 represents all of the data encoded on the disc, forexample, 600 megabytes of encrypted audio-video data. Area 212represents data encoded on a sector of the media article that cannot becopied to a writable media disc. Presuming, for the sake of example,that the media article is scanned (read) vertically from left to right,dotted line 214 represents a scan line just after 300 megabytes havebeen read, starting with the first bit of the uncopyable sector 212.FIG. 4A therefore represents selecting the first “X” bits encoded on themedia article to be the REAVD key, where “X” is the number of key bitsneeded, whether that be equal to the number of bits of secondary contentto be encrypted or some other ratio.

FIG. 4B is a block diagram illustrating an alternative algorithm forselection of a REAVD encryption key from a playable media article. Here,the REAVD may be selected to include, for example, all or a portion ofthe data in sector 212 and selected blocks of data 216 a, 216 b, 216 calternating with and spaced apart by unselected blocks of data 218 a,218 b and 218 c. Block 220 represents a residual unselected portion. Anynon-zero number of selected or unselected blocks may be used, in anypattern, including overlapping patterns; FIG. 4A illustrates the simplecase of one (1) block while FIG. 4B illustrates multiple blocks. In anoverlapping pattern of selected blocks, an “overlapping” portion of thedata 210 encoded on the media article is duplicated at a one or moredifferent locations of the REAVD key. In a non-overlapping pattern, noneof the data 210 appears more than once in the REAVD key. The multipleblocks may be spaced apart by any non-zero number of bits and maycomprise any non-zero number of bits. Using various different selectionalgorithms, it should be possible to generate a virtually unlimitednumber of different REAVD encryption keys from any typical large mediaarticle, such as a DVD disc or Blu-Ray disc. In addition, by using anoverlapping REAVD selection algorithm, it is possible to generate aREAVD encryption key that is any desired degree greater in size than theentire original REAVD data on a given media disk.

The scheme or method of selecting the REAVD key from data encoded on themedia article for encrypting at the source, whatever it is, must beprovided or known to client devices that have access to an authorizedcopy of the media article and wish to decrypt secondary content.Therefore, the source device should make a record of the scheme used,herein referred to as a “REAVD key recognition algorithm”. The REAVD keyrecognition algorithm may be varied depending on the release or versionof the authorized media article, with time, geographic location, or anyother parameter that may be applicable to a plurality of clients ormedia articles. In the alternative, the REAVD key recognition algorithmmay be constant. However, use of a variable REAVD key recognitionalgorithm may provide greater security. In embodiments where a variableREAVD key recognition algorithm is used, it may be provided to clientswhen the client seeks to access secondary encrypted content, or at anyappropriate prior time. In the alternative, or in addition, the REAVDkey recognition algorithm used with a particular release of a mediaarticle, or any portion of it, may be predetermined and encoded on themedia article itself.

Referring again to FIG. 3, once the REAVD encryption key is selected, itmay be stored as an encryption/decryption key for the secondary contentfor use by the source node. In the alternative, it may be used “on thefly” to encrypt the secondary content and then discarded, provided thatthe REAVD key recognition algorithm is saved in association with aunique identifier for the media articles containing original REAVD datato which the REAVD key recognition algorithm pertains.

The secondary content may be encrypted using the encryption key 304 andstored at a host server 306 for distribution to authorized clientterminals. Various suitable two-way encryption algorithms may beemployed at the source using the REAVD encryption key. Performing anexclusive “OR” operation on the data to be encrypted and a REAVD key ofequal length is one computational simple example of a reversibleencryption transform algorithm, having the advantage of being very fastand assuredly reversible. A myriad of other transforms that exploit andrequire the use of a relatively massive binary key may also be used. Forexample, bits from the REAVD key may be inserted at defined intervals(e.g., every other bit, every third bit, etc.) in the secondary contentto be encrypted. For further example, the REAVD key or defined portionsof it may be added, subtracted, multiplied, divided, raised to a powerof, or otherwise used in a reversible transform on the secondary data tobe encrypted. Any combination of different transform operations may beused in a given algorithm. As a massive key, the REAVD encryption keymay be best suited for symmetric or reversible encryption methods. Thatis, the same key may be used to both encrypt and decrypt the targetdata. Hence, the massive REAVD encryption key may be variously referredto herein as an encryption key, encryption/decryption key, or decryptionkey. Likewise the symmetric encryption algorithm may be variouslyreferred to herein as an encryption algorithm, encryption/decryptionalgorithm, or decryption algorithm.

In the alternative to symmetric encryption, to the extent that anyasymmetric encryption and decryption method is known that can makeefficient use of a massive decryption key constituted of predeterminedREAVD, such a method may be used to encrypt the secondary content. Insuch case, the massive REAVD key encoded on the media article shouldconstitute the decryption key of the asymmetric keyset. However, thepredetermined, essentially arbitrary nature of the REAVD encoded on themedia article, which by definition must include encrypted audio-videodata, may prevent or limit its usefulness as a decryption key of anasymmetric keyset. Known asymmetric encryption methods generate aspecific public decryption key in a determinate fashion from a knownprivate key. Such a determinate decryption key will not qualify as REAVDno matter what its size, because it cannot, using known technology, beitself decrypted and used to generate audio-video output.

Different encryption transform algorithms may be used for differentREAVD data, or in the alternative, an unvarying encryption transformalgorithm may be used for all REAVD data encoded on different releasesof media articles. The use of different encryption transform algorithmsmay provide additional security for the encrypted data. The particularencryption algorithm used for a particular release of a media articlemay be stored by the source server for later use by a client. In thealternative or in addition, all or a portion of the encryption algorithmmay be predetermined and encoded on the media article itself.

At any time before or after the secondary content is encrypted and/orstored at the source terminal, the media articles encoded with the REAVDused to encrypt the secondary content may be distributed to end users308. This may be accomplished using any suitable wholesale/retaildistribution method. Such media articles may be promoted as containingkeys needed to unlock specified secondary content. Consumers thatpurchase or otherwise receive the media articles will tend to play themedia articles to view the primary content encoded in the REAVD thereon.The primary content may include a program for communicating with asource terminal for the secondary content. In the alternative, or inaddition, the media article may be read by a general purpose computerclient having a separate program for communicating with a sourceterminal for the secondary content. Thus, the source terminal mayreceive requests 310 from one or more clients requesting access toencrypted secondary content associated the various media articlescontaining a REAVD encryption key.

As discussed in reference to FIG. 1, only client terminals with accessto the original or authorized copies of the DVD disc or other mediaarticle containing the REAVD decryption key are capable of decryptingthe encrypted secondary content. Thus, once a client terminal is playingthe original or authorized copies of the DVD disc or other mediaarticle, it may also request additional secondary content from the hostserver. In response to receipt of the request by the source server 310,the encrypted secondary content may be delivered to the client terminal312. In the alternative, or in addition, the source terminal maydetermine a REAVD key recognition algorithm associated with the mediaarticle at the client terminal, and transmit the REAVD key recognitionalgorithm to the client in response to the request. This may not benecessary if, in the alternative, the REAVD key recognition algorithm isencoded on the media article or predetermined and known to the clientterminal by an earlier communication, such as in a media player update.Likewise, the source terminal may determine an encryption algorithmassociated with the media article at the client terminal, and transmitthe encryption algorithm to the client in response to the request.Again, this may not be necessary if, in the alternative, the encryptionalgorithm is encoded on the media article or predetermined and known tothe client terminal by an earlier communication. Of course, instead oftransmitting the encryption algorithm or the REAVD key recognitionalgorithm to the requesting client, access may be provided in anothersuitable way in response to the request, such as, for example, informingthe client how to otherwise obtain the requested information orproviding a decryption key for it.

It may not be necessary to transmit the encrypted secondary content fromthe source terminal to the client. Secondary content may be providedfrom any other location, including from another portion of the mediaarticle, a related media article, or from another server. To provedaccess to such otherwise located secondary content, the source servermay, in response to the client request for access, provide one or bothof the REAVD key recognition algorithm or the encryption algorithm, asdiscussed above. In cooperation with the source terminal, a clientterminal having access to the media article with the necessary REAVD keyaccesses the encrypted secondary content and outputs an audio-visualpresentation of the secondary content. FIG. 5 shows exemplary steps of amethod 400 performed by a client terminal in obtaining access toencrypted secondary content from the source node. First, the userobtains an original or an authorized copy of a DVD or other mediaarticle encoded with REAVD, with the decryption key being determined byat least a portion of the REAVD 402. For example, the user may see theDVD promoted on an on-line store as “providing exclusive access to”additional content of interest, and therefore purchases the DVD. Theuser places the DVD or other media article in a suitable clientterminal, for example, a media center computer or network-enabledplaying device. The client terminal then plays the DVD/media article 404to view the primary content encoded thereon. The primary content mayinclude a menu providing the user with an option to obtain the exclusiveadditional content. In the alternative, this menu option is provided bya separate application operating on the client terminal and configuredto operate in response to insertion on the media article in a playerdevice or port of the client terminal. In response to user selection ofsuch a menu option, or automatically at any designated point during playof the primary program, the client terminal may request and receiveaccess to additional secondary content from a source node 406. Thisaccess may be provided in the various ways described above, includingbut not limited to various combinations of downloading the encryptedsecondary content, obtaining a REAVD key recognition algorithmapplicable to the media article accessed by the client terminal, orobtaining the correct encryption/decryption algorithm for the secondarycontent. Using the REAVD key recognition algorithm, the client terminalmay extract the massive REAVD decryption key from the DVD/media article408. The REAVD key recognition algorithm may require accessing data on aportion of the media article that is not normally accessed by the clientterminal to play the primary content or to copy the data on the mediaarticle to a different media article. As such, unless the clientterminal is equipped with specially-designed pirating software andhardware, it should be unable to copy the entire REAVDencryption/decryption key to a different media article.

After the REAVD decryption key is extracted, or concurrently as it isextracted, the client terminal may use the REAVD decryption key todecrypt secondary content 410 provided by the source node or from anyother source, including but not limited another media playing device incommunication with the client terminal. The secondary content may bedecrypted in a continuous process synchronous with the output of theresulting audio-video signal, in an asynchronous batch process, or insome combination of the foregoing, depending on the application. Formost content, a continuous synchronous process that does not requirestorage of the resulting decrypted content may be more secure and moreefficiently use client system resources. The client terminal may thenplay the decrypted secondary content 412 to produce an audio-videooutput for the user. Method 400 may be repeated to access any additionalsecondary content for which a particular media article, via its encodedREAVD, provides exclusive access. Such additional content may readily becreated and made available at any time after the REAVD is defined.

Thus, it is possible, for example, to use a particular media article,such as a DVD disc of the first episodes of a television series, as akey for unlocking any number of subsequent episodes, or for that matter,an entire library of encrypted information. It is not necessary that thesecondary content be related to the primary content encoded in the REAVDmedia article. It may be desirable, for some applications, for thesecondary content to be unrelated. For example, a DVD disk containing“Lectures On The Theory Of Relativity” might be utilized as a key foraccessing adults-only entertainment content, whether on-line or encodedon other media articles, effectively preventing inadvertent access tothe adults-only content by underage viewers.

In view of the foregoing, various advantages of and applications for thepresent technology should be apparent. The nature of the technologyprovides various advantages, some of which may be summarized as follows:

-   -   (1) The relatively massive size of the REAVD decryption key,        which may be hundreds megabytes or as large as a digital data        required for a full-length motion picture, may make widespread        distribution of an illegally copied key much more cumbersome        than traditional decryption keys.    -   (2) The use of REAVD that functions for providing a primary        program also as an encryption key for secondary content is an        efficient use of media and can be used to promote sales of the        media articles for the primary program.    -   (3) The use of a secret REAVD key recognition algorithm, which        can readily be changed without any need to change the REAVD on        the media article, provides additional security and flexibility.    -   (4) The use of a secret encryption/decryption algorithm, which        can also be readily changed without requiring changes to the        REAVD or the REAVD key recognition algorithm, provides yet        another layer of additional security and flexibility.    -   (5) Storage of a portion of the REAVD decryption key on a        portion of a media article that is manufactured to not be        readily copied to a writable media article copy further enhances        security of the key.

The foregoing detailed description and specific examples, whileindicating a preferred embodiment of the novel technology disclosedherein, are given by way of illustration and not limitation. Manychanges and modifications within the scope of the present invention maybe made without departing from the spirit thereof, and the inventionincludes all such modifications. For example, while the use of DVD discsas media articles has been referred to, it should be appreciated thatother data storage formats may be equally suitable for use with thepresent technology.

1. A computer-implemented method for using a media article for providingaccess to encrypted secondary content to a client terminal, the methodcomprising: receiving encrypted secondary content at a client terminal;extracting a decryption key from a media article encoded with rawencrypted audio-video data (“REAVD”) operable to provide an audio-videooutput signal, the decryption key being determined by at least a portionof the REAVD encoding audio-video data; using a decryption key todecrypt the encrypted secondary content; and outputting the decryptedsecondary content from the client terminal.
 2. The method of claim 1,wherein the client terminal receives the encrypted secondary contentfrom a remote host.
 3. The method of claim 1, wherein the clientterminal receives the encrypted secondary content from a second mediaarticle.
 4. The method of claim 1, wherein the decryption key isdetermined by REAVD on different segments of the media article.
 5. Themethod of claim 1, wherein the decryption key is further determined byone or more data segments of the media article that that cannot becopied to a writable media article using a copying device.
 6. The methodof claim 1, wherein the decryption key is further determined by adefined REAVD key recognition algorithm.
 7. The method of claim 1,further comprising using the decryption key according to a defineddecryption algorithm.
 8. The method of claim 7, further comprisingdecrypting the secondary content using the decryption algorithmconfigured for one-to-one mapping of the encrypted secondary content andthe data on the media article.
 9. The method of claim 8, wherein theone-to-one mapping comprises an exclusive “OR” operation.
 10. The methodof claim 1, wherein extracting the decryption key comprises extractingthe decryption key being of a relatively massive size.
 11. The method ofclaim 10, wherein extracting the decryption key comprises extracting thedecryption key being equal in size to the secondary content.
 12. Acomputer-implemented method for encrypting secondary content fordistribution to client terminals, the method comprising: selecting atleast a portion of REAVD that is provided on a media article encodingaudio-video data to define an encryption key; encrypting secondarycontent using the encryption key; and storing the encrypted secondarycontent at a remotely located host.
 13. The method of claim 12, furthercomprising receiving a request from a client terminal for the encryptedsecondary content.
 14. The method of claim 13, further comprisingtransmitting the encrypted secondary content in response to a requestfrom the client terminal.
 15. The method of claim 12, further comprisingselecting the at least a portion of REAVD using a defined REAVD keyrecognition algorithm for the media article.
 16. The method of claim 15,further comprising transmitting the defined REAVD key recognitionalgorithm in response to a request from a client terminal.
 17. Themethod of claim 12, further comprising encrypting the secondary contentusing a defined symmetric encryption algorithm for the media article.18. The method of claim 17, further comprising transmitting the definedsymmetric encryption algorithm in response to a request from a clientterminal
 19. The method of claim 15, further comprising selecting the atleast a portion of REAVD including one or more data segments located inan uncopyable portion of the media article.
 20. The method of claim 12,further comprising selecting the at least a portion of REAVD that is ofa relatively massive size.
 21. The method of claim 12, furthercomprising selecting the at least a portion of REAVD that is of a sizeequal to the secondary content.